Re: Patch to semanage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 7/17/09 6:10 AM, "Daniel J Walsh" <dwalsh@xxxxxxxxxx> wrote:

> Ok lets try the patch again.
> 
> Added equal patch (spelled correctly.)
> Beginning to add modules support to consolidate on one management command.
> Eventually replace semodule/setsebool with semanage command.
> Some white space fixing in seobject.py

I'm looking at this patch now. There are a couple of changes that I believe
are not part of the rest, but I wonder if you could verify this (and maybe
tell me why they're here).

> diff --git a/policycoreutils/semanage/seobject.py
> b/policycoreutils/semanage/seobject.py
> index 94bdf7f..5b94a0f 100644
> --- a/policycoreutils/semanage/seobject.py
> +++ b/policycoreutils/semanage/seobject.py
> @@ -21,7 +21,7 @@
>  #
>  #  
>  
> -import pwd, grp, string, selinux, tempfile, os, re, sys
> +import pwd, grp, string, selinux, tempfile, os, re, sys, stat
>  from semanage import *;
>  PROGNAME = "policycoreutils"
>  import sepolgen.module as module
> @@ -273,6 +273,7 @@ class setransRecords:
>                 (fd, newfilename) = tempfile.mkstemp('', self.filename)
>                 os.write(fd, self.out())
>                 os.close(fd)
> +               os.chmod(newfilename, os.stat(self.filename)[stat.ST_MODE])
>                 os.rename(newfilename, self.filename)
>                  os.system("/sbin/service mcstrans reload > /dev/null")
>  
I'm guessing there was some problem with the permissions on setrans files?

> @@ -983,7 +1027,7 @@ class portRecords(semanageRecords):
>                         proto_str = semanage_port_get_proto_str(proto)
>                         low = semanage_port_get_low(port)
>                         high = semanage_port_get_high(port)
> -                       ddict[(low, high)] = (ctype, proto_str, level)
> +                       ddict[(low, high, proto_str)] = (ctype, level)
>                 return ddict
>  
>         def get_all_by_type(self, locallist = 0):

Was this just plain wrong before? I'm not familiar with this. Was there not
a user before (and presumably there is one now)?

Everything else seems to fall into one of your 3 categories above.

Thanks,
Chad


--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux